General
-
Target
a68d3b80259f4b63376bf8f0bf920a70_NeikiAnalytics.exe
-
Size
168KB
-
Sample
240524-x9kavsgg99
-
MD5
a68d3b80259f4b63376bf8f0bf920a70
-
SHA1
b9d128f97c87942e80693a154500ab84ff2189d1
-
SHA256
4d03b15162d3dba8b8b29d01dd6abe2a5dbc9898d4c4d1f74e0571f866f8b596
-
SHA512
fa977006390837f753c8c559fefbfaa21163ea93ead69ebf9017c11975d868e80d690a8739d75a253b7b85312fd97cacb5cb7f375628e6071043b256b7c708e8
-
SSDEEP
3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBj:PqFF2Ie+e1MqFF2Ie+e1x
Malware Config
Targets
-
-
Target
a68d3b80259f4b63376bf8f0bf920a70_NeikiAnalytics.exe
-
Size
168KB
-
MD5
a68d3b80259f4b63376bf8f0bf920a70
-
SHA1
b9d128f97c87942e80693a154500ab84ff2189d1
-
SHA256
4d03b15162d3dba8b8b29d01dd6abe2a5dbc9898d4c4d1f74e0571f866f8b596
-
SHA512
fa977006390837f753c8c559fefbfaa21163ea93ead69ebf9017c11975d868e80d690a8739d75a253b7b85312fd97cacb5cb7f375628e6071043b256b7c708e8
-
SSDEEP
3072:6pWpUFpEhLfyBtPf50FWkFpPDze/qFsxEhLfyBtPf50FWkFpPDze/qFslEhLfyBj:PqFF2Ie+e1MqFF2Ie+e1x
Score9/10-
Renames multiple (742) files with added filename extension
This suggests ransomware activity of encrypting all the files on the system.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-